package com.part2.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;

import com.part2.Constants;



public class SecurityAdvice implements MethodInterceptor {
	private static final Log logger = LogFactory.getLog(SecurityAdvice.class);
	
	public Object invoke(MethodInvocation arg0) throws Throwable {
		
		Object[] args = arg0.getArguments();
		ActionMapping mapping = (ActionMapping) args[0];
		ActionForm form = (ActionForm) args[1];
		HttpServletRequest request = (HttpServletRequest) args[2];
		HttpServletResponse response = (HttpServletResponse) args[3];
		
		if(request.getSession().getAttribute(Constants.USER_IN_SESSION)== null){
			logger.warn("NOT sign in yet");
			return mapping.findForward("index");
		}
		
		return arg0.proceed();
	}
}
